Pullup ticket #4893 - requested by taca lang/php70: security fix Revisions pulled up: - lang/php/phpversion.mk 1.122 - lang/php70/distinfo 1.3 --- Module Name: pkgsrc Committed By: taca Date: Fri Jan 8 03:29:12 UTC 2016 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php70: distinfo Log Message: Update php70 to 7.0.2, including security fix. 07 Jan 2016 PHP 7.0.2 - Core: . Fixed bug #71165 (-DGC_BENCH=1 doesn't work on PHP7). (y dot uchiyama dot 1015 at gmail dot com) . Fixed bug #71163 (Segmentation Fault: cleanup_unfinished_calls). (Laruence) . Fixed bug #71109 (ZEND_MOD_CONFLICTS("xdebug") doesn't work). (Laruence) . Fixed bug #71092 (Segmentation fault with return type hinting). (Laruence) . Fixed bug memleak in header_register_callback. (Laruence) . Fixed bug #71067 (Local object in class method stays in memory for each call). (Laruence) . Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky) . Fixed bug #70781 (Extension tests fail on dynamic ext dependency). (Francois Laupretre) . Fixed bug #71089 (No check to duplicate zend_extension). (Remi) . Fixed bug #71086 (Invalid numeric literal parse error within highlight_string() function). (Nikita) . Fixed bug #71154 (Incorrect HT iterator invalidation causes iterator reuse). (Nikita) . Fixed bug #52355 (Negating zero does not produce negative zero). (Andrea) . Fixed bug #66179 (var_export() exports float as integer). (Andrea) . Fixed bug #70804 (Unary add on negative zero produces positive zero). (Andrea) - CURL: . Fixed bug #71144 (Sementation fault when using cURL with ZTS). (Michael Maroszek, Laruence) - DBA: . Fixed key leak with invalid resource. (Laruence) - Filter: . Fixed bug #71063 (filter_input(INPUT_ENV, ..) does not work). (Reeze Xia) - FTP: . Implemented FR #55651 (Option to ignore the returned FTP PASV address). (abrender at elitehosts dot com) - FPM: . Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas) - GD: . Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds). (emmanuel dot law at gmail dot com). - Mbstring: . Fixed bug #71066 (mb_send_mail: Program terminated with signal SIGSEGV, Segmentation fault). (Laruence) - Opcache: . Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence) - PCRE: . Fixed bug #71178 (preg_replace with arrays creates [0] in replace array if not already set). (Laruence) - Readline: . Fixed bug #71094 (readline_completion_function corrupts static array on second TAB). (Nikita) - Session: . Fixed bug #71122 (Session GC may not remove obsolete session data). (Yasuo) - SPL: . Fixed bug #71077 (ReflectionMethod for ArrayObject constructor returns wrong number of parameters). (Laruence) . Fixed bug #71153 (Performance Degradation in ArrayIterator with large arrays). (Nikita) - Standard: . Fixed bug #71270 (Heap BufferOver Flow in escapeshell functions). (emmanuel dot law at gmail dot com) - WDDX: . Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization). (taoguangchen at icloud dot com) . Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability). (taoguangchen at icloud dot com) - XMLRPC . Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker). (Julien)diff -r1.119.2.2 -r1.119.2.3 pkgsrc/lang/php/phpversion.mk
(bsiegert)
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: phpversion.mk,v 1.119.2.2 2016/01/17 19:25:16 bsiegert Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.119.2.3 2016/01/18 20:14:19 bsiegert Exp $ | |
2 | # | 2 | # | |
3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
5 | # package. | 5 | # package. | |
6 | # | 6 | # | |
7 | # === User-settable variables === | 7 | # === User-settable variables === | |
8 | # | 8 | # | |
9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
11 | # the package. | 11 | # the package. | |
12 | # | 12 | # | |
13 | # Possible: 55 56 70 | 13 | # Possible: 55 56 70 | |
14 | # Default: 55 | 14 | # Default: 55 | |
@@ -73,27 +73,27 @@ | @@ -73,27 +73,27 @@ | |||
73 | # initial release of major version. | 73 | # initial release of major version. | |
74 | # | 74 | # | |
75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
76 | # | 76 | # | |
77 | # Keywords: php | 77 | # Keywords: php | |
78 | # | 78 | # | |
79 | 79 | |||
80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
82 | 82 | |||
83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
84 | PHP55_VERSION= 5.5.31 | 84 | PHP55_VERSION= 5.5.31 | |
85 | PHP56_VERSION= 5.6.17 | 85 | PHP56_VERSION= 5.6.17 | |
86 | PHP70_VERSION= 7.0.1 | 86 | PHP70_VERSION= 7.0.2 | |
87 | 87 | |||
88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
89 | PHP55_RELDATE= 20130620 | 89 | PHP55_RELDATE= 20130620 | |
90 | PHP56_RELDATE= 20140828 | 90 | PHP56_RELDATE= 20140828 | |
91 | PHP70_RELDATE= 20151203 | 91 | PHP70_RELDATE= 20151203 | |
92 | 92 | |||
93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS | |
98 | 98 | |||
99 | .include "../../mk/bsd.prefs.mk" | 99 | .include "../../mk/bsd.prefs.mk" |
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | $NetBSD: distinfo,v 1.2 2015/12/18 14:58:14 taca Exp $ | 1 | $NetBSD: distinfo,v 1.2.2.1 2016/01/18 20:14:19 bsiegert Exp $ | |
2 | 2 | |||
3 | SHA1 (php-7.0.1.tar.bz2) = 4555b230a2a418d3166b2385118693c6b9f8c969 | 3 | SHA1 (php-7.0.2.tar.bz2) = 24f6a1f926f5eda8bd8c0a343d3b175378d706bf | |
4 | RMD160 (php-7.0.1.tar.bz2) = b05f2612aa9392097be56c7325ecd07fb15e3e79 | 4 | RMD160 (php-7.0.2.tar.bz2) = 8a8acf7b0c4fa8b2c095645203d6a1e5dada27ca | |
5 | SHA512 (php-7.0.1.tar.bz2) = 7a157561da7438620d06304e82d459aea843fe89521f11c9e9941afa85f1a8393a98f25f697f22907da2ee79e228f2d27d9a3f9de209a521ad44a1f9a49e57ca | 5 | SHA512 (php-7.0.2.tar.bz2) = 05575617c6b9fb25de1d3963ff6fdb2033c66064d65657598228551119859125d33e91fafb9526d6799e92566d51bbd7c29956f774af6e0a64d7f0098d01cc40 | |
6 | Size (php-7.0.1.tar.bz2) = 13987040 bytes | 6 | Size (php-7.0.2.tar.bz2) = 13988573 bytes | |
7 | SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad | 7 | SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad | |
8 | SHA1 (patch-configure) = 2ef84d463f4eeb35ecc3df82c1aaca8e74f3a276 | 8 | SHA1 (patch-configure) = 2ef84d463f4eeb35ecc3df82c1aaca8e74f3a276 | |
9 | SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3 | 9 | SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3 | |
10 | SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92 | 10 | SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92 | |
11 | SHA1 (patch-ext_opcache_config.m4) = d0dc7dbf2e5fe498cbf03c4514e4efdb6c6d2c4a | 11 | SHA1 (patch-ext_opcache_config.m4) = d0dc7dbf2e5fe498cbf03c4514e4efdb6c6d2c4a | |
12 | SHA1 (patch-ext_pdo__mysql_config.m4) = b1ef91be5a729040197e9af50da0f5fd1f6c90a8 | 12 | SHA1 (patch-ext_pdo__mysql_config.m4) = b1ef91be5a729040197e9af50da0f5fd1f6c90a8 | |
13 | SHA1 (patch-ext_pdo_config.m4) = 522281775cc0e70a135b1f813158988ef1f3e244 | 13 | SHA1 (patch-ext_pdo_config.m4) = 522281775cc0e70a135b1f813158988ef1f3e244 | |
14 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | 14 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | |
15 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | 15 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | |
16 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 8a529a1b3f7c97731f2e719d006f67c3a7259bb5 | 16 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 8a529a1b3f7c97731f2e719d006f67c3a7259bb5 | |
17 | SHA1 (patch-ext_standard_basic__functions.c) = f97a2748c7b15fbd9a2d3c21e56079088cc05d56 | 17 | SHA1 (patch-ext_standard_basic__functions.c) = f97a2748c7b15fbd9a2d3c21e56079088cc05d56 | |
18 | SHA1 (patch-makedist) = 2ac0e0391c031c4fcf4993e2269cde4c6bfddfd5 | 18 | SHA1 (patch-makedist) = 2ac0e0391c031c4fcf4993e2269cde4c6bfddfd5 | |
19 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd | 19 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd |